htmlentities -> htmlspecialchars

This commit is contained in:
2024-12-06 15:35:38 +08:00
parent daa005f029
commit d9b2d13caa
184 changed files with 410 additions and 405 deletions

View File

@@ -97,18 +97,18 @@ if ($domain==$DOMAIN && $OJ_NAME==$user_id){
print "history.go(-1);\n</script>";
exit(0);
}
$nick=(htmlentities ($nick,ENT_QUOTES,"UTF-8"));
$school=(htmlentities ($school,ENT_QUOTES,"UTF-8"));
$email=(htmlentities ($email,ENT_QUOTES,"UTF-8"));
$nick=(htmlspecialchars ($nick,ENT_QUOTES,"UTF-8"));
$school=(htmlspecialchars ($school,ENT_QUOTES,"UTF-8"));
$email=(htmlspecialchars ($email,ENT_QUOTES,"UTF-8"));
$ip = ($_SERVER['REMOTE_ADDR']);
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])&&!empty(trim($_SERVER['HTTP_X_FORWARDED_FOR']))) {
$REMOTE_ADDR = $_SERVER['HTTP_X_FORWARDED_FOR'];
$tmp_ip = explode(',', $REMOTE_ADDR);
$ip = (htmlentities($tmp_ip[0], ENT_QUOTES, "UTF-8"));
$ip = (htmlspecialchars($tmp_ip[0], ENT_QUOTES, "UTF-8"));
} else if (isset($_SERVER['HTTP_X_REAL_IP'])&&!empty(trim($_SERVER['HTTP_X_REAL_IP']))) {
$REMOTE_ADDR = $_SERVER['HTTP_X_REAL_IP'];
$tmp_ip = explode(',', $REMOTE_ADDR);
$ip = (htmlentities($tmp_ip[0], ENT_QUOTES, "UTF-8"));
$ip = (htmlspecialchars($tmp_ip[0], ENT_QUOTES, "UTF-8"));
}
// 检查IP是否已经注册过